<?php
session_start();
if($_SESSION["name"] == null){
  echo <<<END
      <script type="text/javascript">
       alert("请登录访问！");
       location.href="../login.html";
      </script>
END;
}

//1903010328 创建连接
include "../inc/data/conn.php";
// 1903010328 获取处理对象
if ($_SESSION["sf"]=="student") {
	//学生
	$sql = "update mamx_stu
	       set stupa = ?
	       where stuid = ? and stupa = ?";
}
else{
	// 老师
	$sql = "update mamx_te
	       set tepa = ?
	       where teid = ? and tepa= ?";
}
if (!($stmt = $conn->prepare($sql))){
	// 创建失败
	die("修改失败，请重试！！");
}
// 190301328 执行
$stmt->bind_param("ssi",$newPa,$_SESSION["id"],$oldPa);
$newPa = md5($_POST["newpa1"]);
$oldPa = md5($_POST["oldpa"]);
$stmt->execute();
// 190301328 判断执行结果
if ($stmt->affected_rows == 1){
	// 成功
	echo <<<END
     <script>
        alert("密码修改成功，请重新登录！");
        location = "../quit.php";
     </script>
END;
}
else{
	// 失败
	echo <<<END
     <script>
        alert("密码修改失败，新旧密码不能一致！");
        location = "user.php";
     </script>
END;
}

